<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>
<link rel="STYLESHEET" href="lib.css" type='text/css' />
<link rel="SHORTCUT ICON" href="../icons/pyfav.png" type="image/png" />
<link rel='start' href='../index.html' title='Python documentation Index' />
<link rel="first" href="lib.html" title='Python library Reference' />
<link rel='contents' href='contents.html' title="Contents" />
<link rel='index' href='genindex.html' title='Index' />
<link rel='last' href='about.html' title='About this document...' />
<link rel='help' href='about.html' title='About this document...' />
<link rel="next" href="node846.html" />
<link rel="prev" href="rexec-objects.html" />
<link rel="parent" href="module-rexec.html" />
<link rel="next" href="node846.html" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name='aesop' content='information' />
<title>28.1.2 Defining restricted environments </title>
</head>
<body>
<div class="navigation">
<div id='top-navigation-panel' xml:id='top-navigation-panel'>
<table align="center" width="100%" cellpadding="0" cellspacing="2">
<tr>
<td class='online-navigation'><a rel="prev" title="28.1.1 rexec Objects"
  href="rexec-objects.html"><img src='../icons/previous.png'
  border='0' height='32'  alt='Previous Page' width='32' /></a></td>
<td class='online-navigation'><a rel="parent" title="28.1 rexec  "
  href="module-rexec.html"><img src='../icons/up.png'
  border='0' height='32'  alt='Up one Level' width='32' /></a></td>
<td class='online-navigation'><a rel="next" title="28.1.3 an example"
  href="node846.html"><img src='../icons/next.png'
  border='0' height='32'  alt='Next Page' width='32' /></a></td>
<td align="center" width="100%">Python Library Reference</td>
<td class='online-navigation'><a rel="contents" title="Table of Contents"
  href="contents.html"><img src='../icons/contents.png'
  border='0' height='32'  alt='Contents' width='32' /></a></td>
<td class='online-navigation'><a href="modindex.html" title="Module Index"><img src='../icons/modules.png'
  border='0' height='32'  alt='Module Index' width='32' /></a></td>
<td class='online-navigation'><a rel="index" title="Index"
  href="genindex.html"><img src='../icons/index.png'
  border='0' height='32'  alt='Index' width='32' /></a></td>
</tr></table>
<div class='online-navigation'>
<b class="navlabel">Previous:</b>
<a class="sectref" rel="prev" href="rexec-objects.html">28.1.1 RExec Objects</a>
<b class="navlabel">Up:</b>
<a class="sectref" rel="parent" href="module-rexec.html">28.1 rexec  </a>
<b class="navlabel">Next:</b>
<a class="sectref" rel="next" href="node846.html">28.1.3 An example</a>
</div>
<hr /></div>
</div>
<!--End of Navigation Panel-->

<h2><a name="SECTION0030120000000000000000"></a><a name="rexec-extension"></a>
<br>
28.1.2 Defining restricted environments 
</h2>

<p>
The <tt class="class">RExec</tt> class has the following class attributes, which are
used by the <tt class="method">__init__()</tt> method.  Changing them on an existing
instance won't have any effect; instead, create a subclass of
<tt class="class">RExec</tt> and assign them new values in the class definition.
Instances of the new class will then use those new values.  All these
attributes are tuples of strings.

<p>
<dl><dt><b><tt id='l2h-5345' xml:id='l2h-5345' class="member">nok_builtin_names</tt></b></dt>
<dd>
Contains the names of built-in functions which will <em>not</em> be
available to programs running in the restricted environment.  The
value for <tt class="class">RExec</tt> is <code>('open', 'reload', '__import__')</code>.
(This gives the exceptions, because by far the majority of built-in
functions are harmless.  A subclass that wants to override this
variable should probably start with the value from the base class and
concatenate additional forbidden functions -- when new dangerous
built-in functions are added to Python, they will also be added to
this module.)
</dl>

<p>
<dl><dt><b><tt id='l2h-5346' xml:id='l2h-5346' class="member">ok_builtin_modules</tt></b></dt>
<dd>
Contains the names of built-in modules which can be safely imported.
The value for <tt class="class">RExec</tt> is <code>('audioop', 'array', 'binascii',
'cmath', 'errno', 'imageop', 'marshal', 'math', 'md5', 'operator',
'parser', 'regex', 'select', 'sha', '_sre', 'strop',
'struct', 'time')</code>.  A similar remark about overriding this variable
applies -- use the value from the base class as a starting point.
</dl>

<p>
<dl><dt><b><tt id='l2h-5347' xml:id='l2h-5347' class="member">ok_path</tt></b></dt>
<dd>
Contains the directories which will be searched when an <tt class="keyword">import</tt>
is performed in the restricted environment.  
The value for <tt class="class">RExec</tt> is the same as <code>sys.path</code> (at the time
the module is loaded) for unrestricted code.
</dl>

<p>
<dl><dt><b><tt id='l2h-5348' xml:id='l2h-5348' class="member">ok_posix_names</tt></b></dt>
<dd>
Contains the names of the functions in the <tt class="module"><a href="module-os.html">os</a></tt> module which will be
available to programs running in the restricted environment.  The
value for <tt class="class">RExec</tt> is <code>('error', 'fstat', 'listdir',
'lstat', 'readlink', 'stat', 'times', 'uname', 'getpid', 'getppid',
'getcwd', 'getuid', 'getgid', 'geteuid', 'getegid')</code>.
</dl>

<p>
<dl><dt><b><tt id='l2h-5349' xml:id='l2h-5349' class="member">ok_sys_names</tt></b></dt>
<dd>
Contains the names of the functions and variables in the <tt class="module"><a href="module-sys.html">sys</a></tt>
module which will be available to programs running in the restricted
environment.  The value for <tt class="class">RExec</tt> is <code>('ps1', 'ps2',
'copyright', 'version', 'platform', 'exit', 'maxint')</code>.
</dl>

<p>
<dl><dt><b><tt id='l2h-5350' xml:id='l2h-5350' class="member">ok_file_types</tt></b></dt>
<dd>
Contains the file types from which modules are allowed to be loaded.
Each file type is an integer constant defined in the <tt class="module"><a href="module-imp.html">imp</a></tt> module.
The meaningful values are <tt class="constant">PY_SOURCE</tt>, <tt class="constant">PY_COMPILED</tt>, and
<tt class="constant">C_EXTENSION</tt>.  The value for <tt class="class">RExec</tt> is <code>(C_EXTENSION,
PY_SOURCE)</code>.  Adding <tt class="constant">PY_COMPILED</tt> in subclasses is not recommended;
an attacker could exit the restricted execution mode by putting a forged
byte-compiled file (<span class="file">.pyc</span>) anywhere in your file system, for example
by writing it to <span class="file">/tmp</span> or uploading it to the <span class="file">/incoming</span>
directory of your public FTP server.
</dl>

<p>

<div class="navigation">
<div class='online-navigation'>
<p></p><hr />
<table align="center" width="100%" cellpadding="0" cellspacing="2">
<tr>
<td class='online-navigation'><a rel="prev" title="28.1.1 rexec Objects"
  href="rexec-objects.html"><img src='../icons/previous.png'
  border='0' height='32'  alt='Previous Page' width='32' /></a></td>
<td class='online-navigation'><a rel="parent" title="28.1 rexec  "
  href="module-rexec.html"><img src='../icons/up.png'
  border='0' height='32'  alt='Up one Level' width='32' /></a></td>
<td class='online-navigation'><a rel="next" title="28.1.3 an example"
  href="node846.html"><img src='../icons/next.png'
  border='0' height='32'  alt='Next Page' width='32' /></a></td>
<td align="center" width="100%">Python Library Reference</td>
<td class='online-navigation'><a rel="contents" title="Table of Contents"
  href="contents.html"><img src='../icons/contents.png'
  border='0' height='32'  alt='Contents' width='32' /></a></td>
<td class='online-navigation'><a href="modindex.html" title="Module Index"><img src='../icons/modules.png'
  border='0' height='32'  alt='Module Index' width='32' /></a></td>
<td class='online-navigation'><a rel="index" title="Index"
  href="genindex.html"><img src='../icons/index.png'
  border='0' height='32'  alt='Index' width='32' /></a></td>
</tr></table>
<div class='online-navigation'>
<b class="navlabel">Previous:</b>
<a class="sectref" rel="prev" href="rexec-objects.html">28.1.1 RExec Objects</a>
<b class="navlabel">Up:</b>
<a class="sectref" rel="parent" href="module-rexec.html">28.1 rexec  </a>
<b class="navlabel">Next:</b>
<a class="sectref" rel="next" href="node846.html">28.1.3 An example</a>
</div>
</div>
<hr />
<span class="release-info">Release 2.5.1, documentation updated on 18th April, 2007.</span>
</div>
<!--End of Navigation Panel-->
<address>
See <i><a href="about.html">About this document...</a></i> for information on suggesting changes.
</address>
</body>
</html>
